On 19/02/17 00:02, Michael Paquier wrote:
> On Sat, Feb 18, 2017 at 11:57 PM, Petr Jelinek
> <petr.jeli...@2ndquadrant.com> wrote:
>> On 15/02/17 05:56, Michael Paquier wrote:
>>> I thought that this was correctly clobbered... But... No that's not
>>> the case by looking at the code. And honestly I think that it is
>>> unacceptable to show potentially security-sensitive information in
>>> system catalogs via a connection string. We are really careful about
>>> not showing anything bad in pg_stat_wal_receiver, which also sets to
>>> NULL fields for non-superusers and even clobbered values in the
>>> printed connection string for superusers, but pg_subscription fails on
>>> those points.
>>>
>>
>> I am not following here, pg_subscription is currently superuser only
>> catalog, similarly to pg_user_mapping, there is no leaking.
>
> Even if it is a superuser-only view, pg_subscription does not hide
> sensitive values in connection strings while it should. See similar

It's not a view, it's a system catalog which actually stores the data, how
would it hide anything?

-- 
  Petr Jelinek                  http://www.2ndQuadrant.com/
  PostgreSQL Development, 24x7 Support, Training & Services